Truffles Tech Pte. Ltd. ("Truffles", "we", "us", or "our") operates and maintains a B2B payments platform, which allows international businesses to open a Singapore-based bank account and transact internationally with counterparts in minutes, with multiple currencies.
2. Collection of Personal Data
We may collect various types of personal data, including but not limited to:
a. Personal details such as name, contact information, address, date of birth, and identification documents;
b. Employment details such as occupation, directorship, or share ownership;
c. Information relating to transactions made through our platform and the use of our services;
d. Other electronic data or information, such as IP addresses, cookies, activity logs, online identifiers, and location data; and
e. Any other personal data provided to us through the use of our platform and services or during your interactions with us.
3. Purposes for the Collection, Use, and Disclosure of Personal Data
We may use your personal data for various purposes, including but not limited to:
a. Providing, maintaining, and improving our platform, services, and features;
b. Processing transactions and facilitating payments between you and your counterparts;
c. Verifying your identity, conducting due diligence, and performing credit checks;
d. Complying with applicable laws, regulations, guidelines, and requests from authorities;
e. Developing new products, services, or features and improving our existing ones;
f. Communicating with you, including sending updates, newsletters, and promotional materials;
g. Responding to and handling your inquiries, feedback, or complaints;
h. Conducting research, analysis, and marketing activities;
i. Ensuring the security and integrity of our platform, services, and users' data; and
j. Any other purposes reasonably related to the above or as required by applicable laws and regulations.
We may disclose your personal data to our neobank partner, custodian bank, other members of the Truffles group, or to third parties such as our service providers, business partners, regulators, or authorities if necessary to fulfill the above purposes or comply with applicable laws and regulations.
4. Accuracy, Protection, and Retention of Personal Data
We strive to ensure that the personal data we hold is accurate, complete, and up-to-date. You should inform us of any changes to your personal data as soon as possible. We have implemented appropriate administrative, technical, and physical measures to protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, or disposal.
We retain your personal data for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. When the retention of your personal data is no longer necessary, we will safely dispose of it or anonymize it so that it can no longer be linked to you.
5. Access, Correction, and Portability of Personal Data
You may request access to, correction of, or portability of your personal data held by us by contacting our Data Protection Officer (DPO) at the contact details provided below. We may require you to provide proof of your identity before processing your request.
We may charge reasonable fees for processing your request, and we will notify you of any applicable fees before proceeding.
6. Cookies and Web Analytics
We reserve the right to update this Policy from time to time to ensure that it remains current and in line with any changes in the way we collect, process, use, or disclose personal data or comply with applicable laws and regulations. The latest version of this Policy will be made available on our platform so that you are always informed of our data protection practices.
8. Third-Party Services and International Data Transfers
In providing our services, we may engage with or use third-party service providers to assist us in various functions, such as conducting know-your-customer checks, payment processing, invoice tracking, analytics, and marketing. Some of these third parties may be located outside of Singapore, and your personal data may be transferred, processed, or stored in those countries.
When engaging with or using such third-party services, we will take necessary steps to ensure that your personal data is protected and handled in accordance with this Policy, as well as in compliance with applicable laws and regulations. This may include implementing appropriate contractual agreements, and ensuring that the third-party service providers are bound by data protection obligations consistent with those set out in this Policy.
9. Links to Other Websites
Our platform may contain links to other websites, which are outside of our control and are not covered by this Policy. If you access any third-party websites using the links provided, the operators of these websites may collect personal data about you in accordance with their own privacy policies.
We encourage you to read the privacy policies of those third-party websites when accessing or using them, as their policies may differ from ours. We are not responsible for the privacy practices or the content of such third-party websites.
10. Consent, Withdrawal, and Opting Out
By accessing our platform and using our services, you consent to our collection, use, disclosure, and processing of your personal data in accordance with this Policy. You may withdraw your consent at any time by contacting our DPO. Please note that withdrawing your consent may affect the services we are able to provide to you.
You have the right to opt out of receiving any marketing materials or communications we may send to you. You can do this by contacting our DPO or by using the unsubscribe link in our marketing emails. However, this opt-out will not apply to essential service-related communications, which will continue to be sent to you as necessary.
11. Security Breaches
In the event of a security breach involving your personal data, we will take appropriate measures to notify you and relevant authorities as required by applicable laws and regulations, in order to mitigate and remedy any potential impact on your privacy.
12. Limitation of Liability
To the extent permitted by applicable laws, we expressly exclude any liability for any direct or indirect loss or damage, including but not limited to special, incidental, consequential, punitive, or exemplary damages, arising from any breach of this Policy, unauthorized access, loss, misuse, or alteration of your personal data, except where such loss or damage is due to our negligence or willful misconduct.
13. Governing Law
This Policy shall be governed by and construed in accordance with the laws of Singapore. You agree to submit to the exclusive jurisdiction of the courts of Singapore to resolve any disputes arising out of or in connection with this Policy, your personal data, or our platform and services.
14. Contact Us
If you have any questions or concerns about this Policy, or your personal data, or wish to exercise any of your rights under this Policy, please contact our DPO:
Data Protection Officer
Truffles Tech Pte. Ltd.
Address: 1 RAFFLES PLACE, #27-61A, ONE RAFFLES PLACE, SINGAPORE (048616)
Your continued use of our platform and services, following any changes to this Policy, constitutes your acceptance of such changes.
Last updated: 30th May, 2023